Sergey Biryukov
a5e0b8cba3
Revert to esc_attr_e() in setup-config.php to prevent a fatal error.
...
kses.php is not loaded at this point, so esc_url() cannot be used.
props csixty4, JustinSainton.
fixes #23516 . see #23334 .
git-svn-id: http://core.svn.wordpress.org/trunk@23455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-19 05:36:16 +00:00
Ryan Boren
cc5ed3a485
Change all core API to expect unslashed rather than slashed arguments.
...
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
7a77f47f55
Use correct escaping function. fixes #23334 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 05:52:23 +00:00
Ryan Boren
d4abd95449
Scope button classes so they can be used on the frontend without interfering with theme styles.
...
Props helenyhou, koopersmith
fixes #22644
git-svn-id: http://core.svn.wordpress.org/trunk@22948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-30 13:40:59 +00:00
Ryan Boren
0794b91606
Use retina logo in install, upgrade, setup-config, repair, and confirmation screens.
...
Props kopepasah, SergeyBiryukov
fixes #22375
git-svn-id: http://core.svn.wordpress.org/trunk@22419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 17:34:22 +00:00
Andrew Ozz
efbc9d2336
Buttons:
...
- Update the install/initial configuration/repair screens buttons, props DrewAPicture
- Fix the welcome screen buttons and fine-tune the buttons css, props lessbloat
fixes #21598
git-svn-id: http://core.svn.wordpress.org/trunk@22314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-26 19:40:39 +00:00
Ryan Boren
51920e1858
Consolidate some strings. Props pavelevap, SergeyBiryukov. see #21728
...
git-svn-id: http://core.svn.wordpress.org/trunk@22124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-05 19:04:34 +00:00
Andrew Nacin
c8f160b6d8
On setup-config step 2, default to focusing on the textarea and selecting its contents. fixes #21656 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 19:41:41 +00:00
Andrew Nacin
e027dbf019
Curly quotes for setup-config strings.
...
git-svn-id: http://core.svn.wordpress.org/trunk@21870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 18:26:14 +00:00
Andrew Nacin
3a98eb10a1
If wp-config.php is not writable from setup-config, make the resulting textarea readonly. props jblz, fixes #21657 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 18:01:04 +00:00
Andrew Nacin
b523c3d597
Rename duplicately defined internal functions (add_js, display_header) for documentation purposes. props bpetty, fixes #21564 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-15 19:49:21 +00:00
Andrew Nacin
b1dcde1798
setup-config.php must be parseable by PHP4 so we can show a sane error message. wp-admin/index.php should ideally be as well. props SergeyBiryukov, see #21316 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 02:46:01 +00:00
Andrew Nacin
c97452d955
Don't include functions.php in wp_load_translations_early()
...
to avoid a parse error in a PHP4 environment (caused by use of
the clone keyword in option.php).
Manually include functions.php in the rare situations where it
is not already included by the time we need to load translations
early.
Remove the functions.php dependency by switching the wp_die() calls
to die(), in wp_check_php_mysql_versions().
props SergeyBiryukov, see #21316 , for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@21715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 02:38:37 +00:00
ryan
e0ba13d56c
setup-config.php cleanups
...
* Don't allow an empty prefix
* Make slashing consistent and sane
Props SergeyBiryukov
Fixes #13839
git-svn-id: http://svn.automattic.com/wordpress/trunk@20661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-30 21:56:32 +00:00
azaozz
589792fca1
Move closing HTML tag outside _e(), props jiehanzheng, fixes #20510
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-22 23:29:52 +00:00
nacin
456206c741
Do sanity checks for register_globals and magic quotes in setup-config.php. see #13839 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-16 21:52:02 +00:00
nacin
5ecb56896f
Update login-logo.png to use proper color. Copy it over wordpress-logo.png. Make that one canonical, and stop using login-logo.png. Leave it for plugins. props iammattthomas. see #19955 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-17 04:57:56 +00:00
nacin
0f8515abd9
Add some RTL misses for setup-config. props SergeyBiryukov, fixes #18180 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-08 05:55:54 +00:00
nacin
92e46cf396
Poka-yoke.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-30 17:49:50 +00:00
nacin
9f4f2e85ce
Give install.css on setup-config.php some cache busting. see #19592 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-30 17:37:13 +00:00
nacin
81ed9a7563
Introduce wp_load_translations_early(), which can be used before the locale is properly loaded in order to translate early error strings. Internationalize setup-config.php -- translators no longer have a reason to modify this file. fixes #18180 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-26 20:34:27 +00:00
nacin
e5589e02b7
Use regex to fill in config-sample. Prevents translators from needing to manually translate 'database_name_here' (and friends). see #18180 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-06 18:23:51 +00:00
azaozz
52b5e282bd
Fix styling for the installation screens, props chexee, fixes #18576
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-15 15:47:07 +00:00
nacin
77cf05fbb7
Remove duplicated id attribute. props pagesimplify. (wp-testers)
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-31 22:20:06 +00:00
azaozz
5256d7951f
<!DOCTYPE html> for all, fixes #18202
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-22 00:25:41 +00:00
nacin
db78833264
Mark a few files as needing to be parsable by PHP4 in order to show the proper error messages. Non-exhaustive. see #17934 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-29 16:50:07 +00:00
nacin
ad1e1df0f2
wp_check_php_mysql_versions() during setup and install. see #17934 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-29 16:46:46 +00:00
markjaquith
b1f3de70e7
Restore compat.php includes. see #16918
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-07 15:47:04 +00:00
ryan
91dc365567
Take out unnecessary compat functions from compat.php. Props hakre, ptahdunbar. see #16918
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-05 17:13:04 +00:00
nacin
35b4860563
Don't improperly whitescreen on incorrect DB credentials during setup-config. Show error message with an opportunity to try again. fixes #15682 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-08 07:12:44 +00:00
nacin
731bf1fb06
Begin the dissolution of classes.php. see #10287 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-30 07:02:06 +00:00
nacin
0552424317
Revert submit_button() for wp-includes, setup-config, install, login, signup. see [16061], see #15064 , fixes #15247 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-29 00:31:27 +00:00
markjaquith
fc6e89da45
Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-28 21:56:43 +00:00
ryan
7b7243d94a
Strip trailing whites.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-03 20:26:11 +00:00
nacin
c5af6664a6
Remove debug.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-03 07:12:26 +00:00
nacin
0b597379e4
Prevent fatal error when falling back to fsockopen in the setup-config.php key/salt HTTP request. fixes #13030 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-03 06:28:05 +00:00
nacin
44179f24ef
Unbreak setup-config.php. see #12990
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14081 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-13 22:35:39 +00:00
dd32
6097e9d0e3
Pretty up the code text boxes on Install. Affects the non-writable wp-config.php mainly. Code styling taken from Network panel. Props ocean90
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-28 11:26:06 +00:00
dd32
7bafa5ee43
Validate Table Prefix in wp-config.php generator. Props johnl1479. Fixes #12622
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-28 01:57:45 +00:00
nacin
b5fa6854b5
Standardize db config-sample values. fixes #11523
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-27 05:42:08 +00:00
dd32
208f98f762
Load WP_HTTP dependencies (translation support) for setup-config.php. Prevents a WSOD on attempted installs where external HTTP requests are blocked and/or timeout. Fixes #12514
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-09 12:03:13 +00:00
nacin
64105ec06d
Add nag for missing authentication keys in network.php. See #11816
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-06 21:01:58 +00:00
nacin
a39dc63ed5
Allow bypass of http call to wp.org (for keys/salts), via URL query var. See #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-19 20:56:16 +00:00
markjaquith
1801751bc4
More and more, hosts are not using localhost for the MySQL connection. Reword the config setup text. props mrmist. fixes #11659
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-15 15:21:34 +00:00
nacin
db0e494344
Use an expanded special character set when generating auth keys and salts via wp_generate_password(). Props sivel, see #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-14 04:06:30 +00:00
nacin
5871a56009
Fall back to wp_generate_password() in setup-config.php if HTTPS request for secret keys fails. Also use pretty link to secret-key API, see #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-14 02:47:45 +00:00
dd32
d671bbe036
Fix off-by-one substr() error. Props blepoxp. See #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-10 10:59:45 +00:00
ryan
a8e393c607
Update keys and salts with random values from api.wordpress.org. Props nacin. see #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-08 18:15:44 +00:00
markjaquith
32d18323de
Use $required_php_version. Props nacin. fixes #11637
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-03 21:38:09 +00:00
ryan
439d50d655
Cleanup wp-settings. Move functions needed at startup into load.php. Props nacin. see #11881
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-15 22:03:41 +00:00